cyris360-framework

References

1-Governance

1.1 NIST.IR 8286

1.2 EU RMF ENISA

1.3 Security OKRs

1.4 SCSG

1.5 OWASP SCG

1.6 TechTarget

1.7 ECSF ENISA

1.8 ECSF SANS

1.9 ROSI ENISA

1.10 ISO27002 Controls

1.11 SOC2

1.12 NIST Cybersecurity Framework

1.13 NIST SP 800-53 rev5

1.14 CIS Critical Security Controls

1.15 CSA Cloud Controls Matrix

1.16 ENX TISAX ISA

1.17 SANS CSSR

1.18 Paul Jerimy SCR

2-Implementation

2.1 Corp vs Prod Security SANS

2.2 SOC

2.3 UEM

2.4 DLP

2.5 IAM

2.6 SM

2.7 CSPM

2.8 OWASP ASVS

2.9 OWASP MASVS

2.10 Threat Modeling Manifesto

2.11 STRIDE-LM

2.12 STRIDE-GPT

2.13 AWS WAT Security

2.14 Microsoft WAF Security

2.15 Google CAF Security

2.16 CIAM

3-Operations

3.1 PTES

3.2 What is pentest

3.3 PT MM

3.4 RD Policy

3.5 Security.txt

3.6 OBB

3.7 GH ACE

3.8 SSL Test

3.9 CMDB

3.10 UES

3.11 NCSC early warning

3.12 CISA exploited vulnerabilties

3.13 Patch This

3.14 NIST SP 800-61r2

3.15 CISA I&VRP

3.16 ISO27035

9-Appendices

9.1 MITRE CAPEC

9.2 Ransomeware Stats

9.3 ENISA SCA

9.4 NCSC NL SC

9.5 Natural Disasters

9.6 CISA Insider Threats

9.7 SPS Case studies

9.8 PWC Industrial Espionnage

9.9 MITRE Attack groups

9.10 Mandiant APT